[openssl-users] OpenSSL 0.9.8 - No more security fixes, nor updates and support, But NO CVEs listed either?
Joe Flowers
flowers.joseph at gmail.com
Wed Jan 13 02:29:34 UTC 2016
Thanks, Matt!
I did not know that OpenSSL.org is the only organization that creates
CVEs for OpenSSL.
Thanks for clearing this up for me!
Joe
------------------
On 12/01/16 22:43, Joe Flowers wrote:
>* Hello OpenSSL Developers,
*> > >* I understand through your previous announcements that OpenSSL
0.9.8 is no longer "supported", and no more "security fixes", nor
"security updates" will be provided by OpenSSL.org.
*> > >* Does this mean that we can expect no more CVEs to be generated
or listed for OpenSSL 0.9.8 also?
*
Not supported means we will no longer being doing work on the 0.9.8 or
1.0.0 branches. This includes any analysis which may lead to a CVE
assignment.
Matt
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20160112/8c9eb57d/attachment.html>
More information about the openssl-users
mailing list